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use CKCMD_UNLOCK_FILES 
3174 



Report status of unlock operation to server 
3184 

update play list on media that is coupled to engine to 
include newly unlocked content 
3194 



FIG. 31C 



Attorney Docket No.: M- 12040 US 

First Inventor: Timothy R. Feldman 

Title: An Unlocking Method and System for Data on Media 



CO 

1 

o 
o 

CO 

o 



c 
o 

b 

E 
o 



CO 
CO 

o 

c 
3 




, CO 

CO ^ E ^ >> 

8 ^ 



o S " 




§ CO c ^ -o 

e i= CD 

<D c © 21 
> CO o Z) 

o 



E 
o 
o 



CO 



Q> 

^ col 

CM 

o 



o 

CO 

0) T3 

5 CO 
CD 3 

c^ ^ 



<3> 

P <30| 

s <^ 

^ ^ = 

^ CO CO 

^ ^ 
^ E _^ 
^ o 

CL O 

O =3 
O 



c o| 

a> CO 

E cvj 

§ CO 

9- >^ 

E ^ 

o ^ 
_ O 

1 

CO 3 

CD CO — ^ 

:5 Q_ ^ 

e o ^ 

Q_ C 

CD 




CD 

O CO 
13 



CO 

c 
o 

0) 

(D 
CO 

ZD -*~ 
^ O 

o < 



o 
o 

Q. 

CO 



o 



CD 



CD 13 

i*: ^ _ 

CO O O 

^ E^ 

^ S w I 

^ S o ® 
& E ^ 

CD O q5 

^ g-to 
3 E CO 

o o 



CO ^ 

^ -E ^ 

E <» 3 

8 g ® 




CD 



C ® 

c CO 
O i_ 
O 0) 

CO o 

§2 




O CD o 

O >»3 

O Q. CMl 

>s c: ^ CM 

O ^ CD CVJI 
CD £ <^ 

c: jQ o 
.2 >.CO 

CO CO — . 
CO c -J 
CD ^ 




to 




CD 




o> 








CD 








o 


c 


c 


o 


o 




CO 


CD 










i 


CO 


Se 


^— • 










O 





CD 

"5 S 

CO o 

CO o 
CD 

CD O O 

<D O *CO 

CO o> S 
3 a> CO 

— 

o g> 



CD 



CO 



T3 <D 

« O 
9 « 

O a> 
CO -o 

> 

2 « 

Q O 

o M 



CO 

c to 
o Q 

S5 CO CM 



— CO 



X 
CD 
■D 
C 



O 
o 



o 

CD 

c 
c 
o 
o 

1— 
CD 

£: 

CD 
CO 

o 



CD 
CO 



CD 



CO 

I 

CD 

CD 
CO 

O 



3 

2 CO 

C CD 

E <D 

<D CO 
»- 

0) *=; 

o 
CO 




Attorney Docket No. : M- 1 2040 US 

First Inventor: Timothy R. Feldman 

Title: An Unlocking Method and System for Data on Media 



Master Server accepts connection from CKU Server 

3310 




r 


Master Server acknowledges connection 
3320 




r 


Master Server receives CKU Server CKDRM 
Certificate, engine's CKDRM Certificate, media SCID 
and DFS file handles from CKU Server 
3330 






Master Server verifies validity of both certificates by, 
for example, checking MAC and PKI signatures 

3334 




f 


Master Server checks Revocation database to make 
sure there are no revoked certificates pending 

3336 
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Master Server retrieves requested Key Complements 
from Key Complement Database 
3340 




r 


Master Server encrypts 
CKU Serve 
33 


Key Complements using 

r Public Key 

50 




r 


Master Server transmits encrypted data to CKU 
Server 
3360 




r 


Master Server receives ac 
Server and 
33 


knowledgement from CKU 

disconnects 

70 
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Client accesses formatted URL, such as URL 
on media disk or URL associated with serial 
number on media disk or other source 
3410 




r 


Client presents query string containing SCID 
and locked content status 
3420 


^ 


r 


Web server constructs page to present offers 
to consumer using data from Offers and Ul 
Elements databases 
3430 


} 


r 


Web server delivers "Unlocking in Progress" 
page to client 
3440 




r 


Web server generates unique SessionID that 
is used later to commit transaction after 
unlock process is verified 
3450 




r 


Web page embeds CKU Client object and 
contains client-side script that tells CKU Client 
to begin unlock process 
3454 




r 



Web server stores the SCID and list of D FS 

File Handles indexed by SessionID in 
Transaction Database for later use by CKU 
Server object 



3456 
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Engine receives handle and key 
complement to key box 
3610 




r 


Engine performs 
36 


key box look up 
20 



Keys within key box are 
unbound and decrypted 
3630 



Keys are rebound, encrypted 
and locked 
3640 
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ContentKey 
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DCS Order Mgmt Server inserts records DCS_STAGE table 
with or without a Media ID 
3802 



J 

DCS Order Mgmt Serve generates a web page with a CKU 
Client instantiated with a Transaction ID 
3804 



t 

CKU Client obtains the Engine's CKDRM Certificate 
3806 

i 

CKU Client obtains the unique Media ID (if this is not 
already established the engine will do so) 
3808 



J 

CKU Client obtains the Server's ContentKey Certificate 

3810 



J 

CKU Client obtains the ESessionKey from the Engine using 
the CKU Server's CKDRM Certificate 
3812 



t 

CKU Client makes final unlock request for validating and/or 
updating the DCS_STAGE table with the Media ID, 
authenticating the Engine, obtaining the File Handle/Key 
CompIementA/ersion list and Wrapping the File Set 
3814 



J 

CKU Client sends the wrapped file set to the Engine so the 
Engine can unlock the content 
3816 



J 

CKU Client sends the final transaction status message to 
the server and displays a "Trx Complete" message to 
customer/user 
3818 



J 

DCS Order Mgmt Server receives the status complete 
notice, and deletes DCS_STAGE records for that 
transaction and updates transaction 
3820 
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Receive media containing lodged content 
4002 



t 

Auto- Run Handler (or Content Manager) requests and obtains a Contents.ddl 

file 

4004 



V 

Auto-Run Handler (or Content Manager) parses the Contents.ddl fie to obtain 
the PackageCoHectionID, PackageCoIleotionSKU, UniockURL, Prinnary 
PackageSKU List + Business Entity ID, and a list of previously unlocked 
PackageSKU's 

4006 

i 

Auto-Run Handler (or Content Manager) appends the data to the URL and 
opens the default browser which will display a web page created by the eTailer 

4008 



J 

ETailer presents user/customer with a series of pages to process the 
eCommerce transaction 
4010 



After a user/customer completes the transaction (e.g. clicking button and 
prompting eTailer) thereby requesting eTailer to notify the DCS of the 
ContentKey Unlock Transaction, eTailer passes the DCS the PC ID, and a list 
of PackageSKU's that are to be unlocked 
4012 





r 


The DCS Order Mgmt component generates a unique Transaction ID and will 
insert one record for each Package purchased. At this point, the Media ID is 
not know so it will contain a null value. 
4014 


} 


r 


The DCS replies to the eTailer with a failure message or a URL that the user/ 
customer uses to unlock content. The Unlock URL contains the Transaction ID 
that was generated by the DCS. 
4016 




f 


The eTailer generates a final confirmation and unlock instructions page that 
contains the Unlock URL. 
4018 
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